Last active
March 17, 2024 04:51
-
-
Save ckuethe/f71185f604be9cde370e702aa179fc2e to your computer and use it in GitHub Desktop.
DNS-over-HTTPS Block List
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Here are some domains I block to interfere with DNS-over-HTTPS, so that my own DNS-based security schemes work. | |
| # If you're going to be doing this, you should probably block all outbound 53, 853, and 5353 on your network, | |
| # except from your own internal DNS resolver (eg. pihole) | |
| # | |
| # Data from https://github.com/curl/curl/wiki/DNS-over-HTTPS (and other places) | |
| 1a.ns.ozer.im | |
| 8888.google | |
| aattwwss.duckdns.org | |
| abel.waringer-atg.de | |
| a-bld.sys-adm.in | |
| ad1.heronet.nl | |
| adblock.doh.mullvad.net | |
| adblock.mydns.network | |
| addns.jpr.space | |
| adgaurd.lingmont.net | |
| adg.geili.me | |
| adg.jnorton.us | |
| adguard1.jsanagustin.net | |
| adguard1.leadmon.net | |
| adguard.ambiya.net | |
| adguard.avdkishore.dev | |
| adguard.beliefanx.cn | |
| adguard.bitteeinbyte.de | |
| adguard.dekonix.ru | |
| adguard.depieri.net | |
| adguard.dessoi.cloud | |
| adguard-dns.rouga.ch | |
| adguard.dtness.com | |
| adguard.ef67daisuki.club | |
| adguard.ender.fr | |
| adguard.firestrike-services.de | |
| adguard.frece.de | |
| adguard.gbrossi.com.br | |
| adguard.haneulo.com | |
| adguardh.ga | |
| adguard.ihatemy.live | |
| adguard.jfchenier.ca | |
| adguard.josephyap.me | |
| adguard.jpjb.net | |
| adguard.korks.tk | |
| adguard.laurenlaufman.com | |
| adguard.lege.despagne.net | |
| adguard.lspcr.space | |
| adguard.meddy94.de | |
| adguard.mokocup.cf | |
| adguard.piekacz.pl | |
| adguard.rabmoor.cz | |
| adguard.randomaizer.lentel.ru | |
| adguard.richardapplegate.io | |
| adguard.shuting.idv.tw | |
| adl.adfilter.net | |
| ag.ff0x.ca | |
| ag.ssrahul96.xyz | |
| aihe.app | |
| airmaxcloud.ml | |
| ant.dns.qwer.pw | |
| apne1.dns.terumi.club | |
| applied-privacy.net | |
| area51.mywire.org | |
| armorrush.eu.org | |
| au01.dns4me.net | |
| au02.dns4me.net | |
| awan.ftp.sh | |
| axaxa.fun | |
| basic.rethinkdns.com | |
| bcandrade.ml | |
| blackhole.gugainfo.com.br | |
| blackhole.myon.lu | |
| bld.sys-adm.in | |
| blitz.ahadns.com | |
| block.abstergo.it | |
| blockerads.multimediaconcept.fr | |
| bluemood.me | |
| ca01.dns4me.net | |
| ca02.dns4me.net | |
| canadianshield.cira.ca | |
| captnemo.in | |
| c.cicitt.ch | |
| cdzopi.duckdns.org | |
| chewbacca.meganerd.nl | |
| cintra.ml | |
| clientdns3.softcom.net | |
| cloudflare-dns.com | |
| cloudns.bosco.ovh | |
| cloud.tezoi.com | |
| cluster-0.gac.edu | |
| cluster-1.gac.edu | |
| commons.host | |
| cossxiu.ga | |
| cvt-ic-us-adns-001.clearviewtechnology.net | |
| d.apemlegit.my.id | |
| darkness.is.my.waifu.cz | |
| dart.kpsn.org | |
| de.teradns.org | |
| dgca.myds.me | |
| digitale-gesellschaft.ch | |
| dns01.flm9.net | |
| dns0.eu | |
| dns.0ooo.icu | |
| dns0.tardishost.ru | |
| dns10.quad9.net | |
| dns11.quad9.net | |
| dns1.adrianion.eu | |
| dns1.dnscrypt.ca | |
| dns1.in-berlin.de | |
| dns1.irumatech.com | |
| dns1.tardishost.ru | |
| dns2.afastserver.com | |
| dns2.cbio.top | |
| dns.52306.org | |
| dns.5ososea.com | |
| dns64.cloudflare-dns.com | |
| dns64.dns.google | |
| dns.7vpn.com | |
| dns.886886886.xyz | |
| dns8.org | |
| dns9999.duckdns.org | |
| dns9.quad9.net | |
| dns.aaflalo.me | |
| dns.aa.net.uk | |
| dns.aaytorr.com | |
| dns.adguard.com | |
| dns.adrianlam.com | |
| dns.alidns.com | |
| dns.alloxr.info | |
| dns.almir1904.eu | |
| dns.amigo-mgn.ru | |
| dns.andrewnw.xyz | |
| dns.apigw.online | |
| dns.artikel10.org | |
| dns.b33.space | |
| dns.b612.me | |
| dns.bebasid.com | |
| dns.belnet.be | |
| dns.benpro.fr | |
| dns.bitdefender.net | |
| dns.blokada.org | |
| dns.bobstrecansky.com | |
| dns.brahma.world | |
| dns.brian-hong.tech | |
| dns.bw.i81.ru | |
| dns.carson-family.com | |
| dns.chenu.ch | |
| dns.chromeina.top | |
| dns.circl.lu | |
| dns.clanless.ovh | |
| dns.comeonjames.club | |
| dns.comss.one | |
| dns.connect.fail | |
| dns.containerpi.com | |
| dns.cwlys.com | |
| dns.d365.in | |
| dns.d94.xyz | |
| dns.d96.info | |
| dns.daw.dev | |
| dns.decloudus.com | |
| dns.deekshith.in | |
| dns.dgea.fr | |
| dns.digitale-gesellschaft.ch | |
| dns.digitalsize.net | |
| dns.dnshome.de | |
| dns.dns-over-https.com | |
| dns.dnsoverhttps.net | |
| dns.dnswarden.com | |
| dns-doh.dnsforfamily.com | |
| dns.dutchwhite.nl | |
| dns-east.tylerwahl.com | |
| dns.edison42.dev | |
| dns.elemental.software | |
| dns.ellichua.com | |
| dns.emiliyan.com | |
| dnsenc.com | |
| dns.esegece.com | |
| dns.extrawdw.net | |
| dns.familiamichels.com.br | |
| dns-family.adguard.com | |
| dns-family.esegece.com | |
| dns.fancyorg.at | |
| dns.faze.dev | |
| dns.filipccz.eu | |
| dns.flatuslifir.is | |
| dns.flymc.cc | |
| dnsforge.de | |
| dns.froth.zone | |
| dns.gnb09.id | |
| dns.google | |
| dns.google.com | |
| dns.ha-dvin.pp.ua | |
| dns.hafidzradhival.my.id | |
| dns.hahnjo.de | |
| dns.hanmey.de | |
| dns.haoxuan.xyz | |
| dns.hee.ink | |
| dns.herkhof.nl | |
| dns.hinet.net | |
| dns.hostux.net | |
| dns.iamninja.ru | |
| dns.ikataruto.com | |
| dns.imaicool.com | |
| dns.indust.me | |
| dns.invisv.com | |
| dns.ipv6dns.com | |
| dns.itdept.pro | |
| dns.joaofidelix.com.br | |
| dns.jucker.engineering | |
| dns.kamilszczepanski.com | |
| dns.karl.one | |
| dns.kawa.tf | |
| dns.kernel-error.de | |
| dns.kescher.at | |
| dns.keweon.center | |
| dns.lars-lehmann.net | |
| dns.linkr.ninja | |
| dnslow.me | |
| dns.lsho.top | |
| dns.maolaohei.xyz | |
| dns.meeo.win | |
| dns.mgiptvpro.ml | |
| dns.mikeliu.org | |
| dns.mipauns.com | |
| dns.molinero.dev | |
| dns.moog.sh | |
| dns.moonssif.com | |
| dns.msxnet.ru | |
| dns.murgi.de | |
| dns.muxinghe.cn | |
| dns.mzrme.cn | |
| dns.nas-server.ru | |
| dns.neubsi.at | |
| dns.nextdns.io | |
| dns.nhtsky.com | |
| dns.njal.la | |
| dnsnl.alekberg.net | |
| dnsnl-noads.alekberg.net | |
| dns.norvig.dk | |
| dns.novali.date | |
| dns.novg.net | |
| dns.nullgate.net | |
| dns.nullrecon.com | |
| dns-nyc.aaflalo.me | |
| dns.ofdoom.net | |
| dns.opendns.com | |
| dns.opnsource.com.au | |
| dns.paesa.es | |
| dns.panszelescik.pl | |
| dns.porteii.com | |
| dns.privilab.net | |
| dns.pub | |
| dns.quad9.net | |
| dns.rafn.is | |
| dns.reckoningslug.name | |
| dns.rin.sh | |
| dns.ronc.ru | |
| dns.rotunneling.net | |
| dns.rubyfish.cn | |
| dnsse.alekberg.net | |
| dns-secondary.cloudnx.cloud | |
| dns.sellan.fr | |
| dnsse-noads.alekberg.net | |
| dnsserver.mailchan.eu | |
| dns.shecan.ir | |
| dns.shimul.me | |
| dns.silen.org | |
| dns.silentlybren.com | |
| dns.siry.de | |
| dns.skrep.eu | |
| dns.slinkyman.net | |
| dns.spil.co.id | |
| dns.startupstack.tech | |
| dns.stvsk.ml | |
| dns.surfshark.com | |
| dns.switch.ch | |
| dns.syaifullah.com | |
| dns.t53.de | |
| dns.techcpu.net | |
| dns.telekom.de | |
| dns.therifleman.name | |
| dns.tls-data.de | |
| dnstls.mobik.com | |
| dns.truong.fi | |
| dns.twnic.tw | |
| dns.umbrella.com | |
| dns.unerror.network | |
| dns.vinnyp.xyz | |
| dns.vmath.my.id | |
| dnsvps.familiamv.ml | |
| dns.wakgood.net | |
| dns.youni.win | |
| dns.zfsystem.tech | |
| dog.dns.qwer.pw | |
| doh003.280blocker.net | |
| doh-01.spectrum.com | |
| doh-02.spectrum.com | |
| doh1.b-cdn.net | |
| doh2.gslb2.xfinity.com | |
| doh-2.seby.io | |
| doh.360.cn | |
| doh.42l.fr | |
| doh.applied-privacy.net | |
| doh.armadillodns.net | |
| doh.beauty | |
| doh.boje8.me | |
| doh.bortzmeyer.fr | |
| doh.bt.com | |
| doh.buzz | |
| doh.captnemo.in | |
| doh.ccb-net.it | |
| doh.centraleu.pi-dns.com | |
| doh-ch.blahdns.com | |
| doh.cleanbrowsing.org | |
| doh.cloud-sekeng.com | |
| doh.crypto.sx | |
| doh.datacore.ch | |
| doh.datahata.by | |
| doh-de.blahdns.com | |
| doh.disconnect.app | |
| doh.dns4all.eu | |
| doh.dns.apple.com | |
| doh.dnslify.com | |
| doh.dns.sb | |
| dohdot.coxlab.net | |
| doh.dscloud.me | |
| doh.eastus.pi-dns.com | |
| doh.familyshield.opendns.com | |
| doh.ffmuc.net | |
| doh-fi.blahdns.com | |
| doh.futa.gg | |
| doh.gcp.pathofgrace.com | |
| doh.ibr.cs.tu-bs.de | |
| doh.iucc.ac.il | |
| doh.jeroenhd.nl | |
| doh-jp.blahdns.com | |
| doh.killtw.im | |
| doh.lacontrevoie.fr | |
| doh-lb-atl.dnsflex.com | |
| doh-lb-br.dnsflex.com | |
| doh-lb-ca-tor.dnsflex.com | |
| doh-lb-de.dnsflex.com | |
| doh-lb-gb.dnsflex.com | |
| doh-lb-in.dnsflex.com | |
| doh-lb-sg.dnsflex.com | |
| doh-lb-tr.dnsflex.com | |
| doh.li | |
| doh.libredns.gr | |
| doh.luigi.nexific.it | |
| doh.lujiacai.top | |
| doh.lv | |
| doh.mullvad.net | |
| doh.nic.lv | |
| doh.niyawe.de | |
| doh.nl.ahadns.net | |
| doh.northeu.pi-dns.com | |
| doh.onedns.net | |
| doh.opendns.com | |
| doh.powerdns.org | |
| doh-primary-pool.detoxifypornblocker.com | |
| doh.pyry.me | |
| doh.rezhajul.io | |
| doh.safesurfer.io | |
| doh.sb | |
| doh.seby.io | |
| doh-sg.blahdns.com | |
| doh.syshero.org | |
| doh.tiarap.org | |
| doh.tiar.app | |
| doh.totoro.pub | |
| dohtrial.att.net | |
| doh.westus.pi-dns.com | |
| doh.xcom.pro | |
| doh.xfinity.com | |
| do.shimul.me | |
| dotdns.cryptroute.com | |
| doth.huque.com | |
| d.toairs.com | |
| dukun.de | |
| easyhandshake.com | |
| echoe1yidzu4ioo5.myfritz.net | |
| edgy-dns.com | |
| esel.stusta.mhn.de | |
| eu1.dns.lavate.ch | |
| eweyo.duckdns.org | |
| example.doh.blockerdns.com | |
| externalmobiel.lekdijk.online | |
| family.5ososea.com | |
| family.canadianshield.cira.ca | |
| family.cloudflare-dns.com | |
| felipefalcao.me | |
| fi.doh.dns.snopyta.org | |
| findmethedns.info | |
| fra1.eyecay.xyz | |
| fr-dns1.bancuh.com | |
| freedns.controld.com | |
| freedom.mydns.network | |
| free.shecan.ir | |
| frog.dns.qwer.pw | |
| fuchur.pentament.de | |
| galileo.math.unipd.it | |
| gateway.fomichev.cloud | |
| gclouddns.com | |
| groupy.ga | |
| guard.sntrk.ru | |
| gustamadh.dynv6.net | |
| gztech.me | |
| hitian.me | |
| hk2.ooroot.com | |
| hole.elbschloss.xyz | |
| home27.duckdns.org | |
| home.dlinkddns.com | |
| home.marcrnt.de | |
| ibksturm.synology.me | |
| ibuki.cgnat.net | |
| ihctw.synology.me | |
| ines.zfn.uni-bremen.de | |
| intertop.link | |
| iris.woozeno.eu | |
| irre.li | |
| jackyes.ovh | |
| jcdns.fun | |
| jp2.ooroot.com | |
| jp.68360612.xyz | |
| jp-dns1.bancuh.com | |
| jpdns.cola16.app | |
| jp.dns.ikataruto.com | |
| jp.kano.sh | |
| jp.tiarap.org | |
| jp.tiar.app | |
| jurre-home.duckdns.org | |
| kaitain.restena.lu | |
| karimdns.com | |
| keithchung.hopto.org | |
| kennethhuang.com | |
| kids.5ososea.com | |
| kids.dns0.eu | |
| korzhov.dev | |
| kr1.ooroot.com | |
| kr2.ooroot.com | |
| kr.pigs.eu.org | |
| krtekvpn.duckdns.org | |
| kswro.web.id | |
| lastentarvike.fi | |
| leecurrylawfirm.com | |
| lindung.pp.ua | |
| lion.dns.qwer.pw | |
| lion.yazilimatolye.com | |
| mail.data.haus | |
| mailer.amlegion.org | |
| mainframe.dewed.de | |
| masters-of-cloud.de | |
| mozilla.cloudflare-dns.com | |
| msr177.com | |
| muc-ns01.ibytex.systems | |
| muli.stusta.mhn.de | |
| n0.eu | |
| n.3363.net | |
| n5.lsasss.com | |
| nas1403.duckdns.org | |
| ninny.duckdns.org | |
| ns.00dani.me | |
| ns1.1899.com.mx | |
| ns1.dotls.org | |
| ns1.flodns.net | |
| ns1.qquack.org | |
| ns2.1899.com.mx | |
| ns2.flodns.net | |
| ns3.bit-trail.nl | |
| ns3.com | |
| ns3.cx | |
| ns3.link | |
| n-wan.dynv6.net | |
| ny.teradns.org | |
| nz01.dns4me.net | |
| o1.lt | |
| odvr.nic.cz | |
| odvr.nic.cz | |
| one.one.one.one | |
| open.dns0.eu | |
| opennic1.eth-services.de | |
| opennic.i2pd.xyz | |
| oraclejp2.chungyu.com | |
| orau.lz0724.com | |
| ordns.he.net | |
| o.rsaikat.com | |
| osefcorp.duckdns.org | |
| pdns.faelix.net | |
| per.adfilter.net | |
| pi1.node15.com | |
| pihole1.hoerli.net | |
| pihole2.hoerli.net | |
| pihole3.hoerli.net | |
| pihole4.hoerli.net | |
| pihole.aws.ketan.dev | |
| pihole.datamatter.co.za | |
| pope.cnblw.me | |
| premiumtier-network.instadart.net | |
| private.canadianshield.cira.ca | |
| project-evoex.de | |
| pro.shecan.ir | |
| protected.canadianshield.cira.ca | |
| ps1.modr.club | |
| public.dns.iij.jp | |
| punono.duckdns.org | |
| puredns.org | |
| qlf-doh.inria.fr | |
| r1bnc.com | |
| rayneau.fr | |
| rdjdns.ajraspi.xyz | |
| rdns.faelix.net | |
| res-acst1.absolight.net | |
| res-acst2.absolight.net | |
| res-acst3.absolight.net | |
| resolver1.absolight.net | |
| resolver2.absolight.net | |
| resolver3.absolight.net | |
| resolver-eu.lelux.fi | |
| resolver.noaddns.com | |
| resolver.r0cket.net | |
| resolver.rferee.dev | |
| resolver.unstoppable.io | |
| rjmva.com | |
| sa01.dns4me.net | |
| safe.kswro.web.id | |
| safeservedns.com | |
| sagutxustech.com | |
| sbdns.co.in | |
| sby-doh.limotelu.org | |
| secure.avastdns.com | |
| securedns.vendorvista.xyz | |
| securenet.mhsystems.net | |
| secure.onedns.cc | |
| security.cloudflare-dns.com | |
| sg01.dns4me.net | |
| sg2.ooroot.com | |
| sg-dns1.bancuh.com | |
| sgpcloud.duckdns.org | |
| sg.teradns.org | |
| shalenkov.dev | |
| shield.afixer.app | |
| sink.nolo.ltd | |
| sitdns.com | |
| sky.rethinkdns.com | |
| surt.ml | |
| syd.adfilter.net | |
| t2c.240130034.xyz | |
| testaghome.meshkov.info | |
| thanos.pleumkungz.com | |
| tiger.dns.qwer.pw | |
| timmes.nl | |
| tj.jamesxue.xyz | |
| tk31z.com | |
| tlz.asia | |
| toaster.lol | |
| tor.vasi.li | |
| ttag.dns.nomu.pw | |
| tuandns.duckdns.org | |
| tungdnsne.duckdns.org | |
| tw2.ooroot.com | |
| tx.teradns.org | |
| typaza.com | |
| ueni.dyndns.org | |
| uk01.dns4me.net | |
| unfiltered.adguard-dns.com | |
| unixfox.duckdns.org | |
| us01.dns4me.net | |
| us02.dns4me.net | |
| us1.blissdns.net | |
| us-ny-alula.heliumcloud.cc | |
| virga.pp.ua | |
| vm.mytm.cc | |
| vvmm.me | |
| wantaquddin.com | |
| www.c-dns.com | |
| www.dnsadguard.co.uk | |
| www.elshad-adgh-dns.ru | |
| www.ggrbb.xyz | |
| www.morbitzer.de | |
| www.muxyuji.ru | |
| xenergy.cc | |
| xray.krnl.eu | |
| yarp.lefolgoc.net | |
| ychen.cf | |
| ychen.ga | |
| yovbak.com | |
| zero.dns0.eu | |
| zrh1-ns01.monzoon.net | |
| zxcvb.pp.ua |
https://github.com/curl/curl/wiki/DNS-over-HTTPS
List of over 500 DoH domain you can block. A script to scrape all the domains on that list is at the bottom.
Thank you @serendrewpity
How would you use this scrape tool to generate the text file? Can you put this on GIT to make it accessible for us n00bs?
HI
Do we have any list like this for website categories?
Thank you
Hello 2024, I am attempting to make this more streamlined. Please help me make this the best DoH pihole blocklist: https://github.com/Bryantdl7/pihole-blocklists/blob/main/dns-https-block.txt
Hello 2024, I am attempting to make this more streamlined. Please help me make this the best DoH pihole blocklist: https://github.com/Bryantdl7/pihole-blocklists/blob/main/dns-https-block.txt
If you're going to do a wildcard on apple-dns, you might want to do a wildcard on doh.*, dns* and any other obvious patterns.
You'll still need to block communications to any resolver from anything other than your intended internal DNS. Chromecasts, for example, are hard-wired to google dns. A few other things will also try to fall back to public resolvers if they get NXDOMAIN or whatever from DHCP DNS.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This was really helpful. Thank you.